15:01:51 <gagehugo> #startmeeting security
15:02:14 <gagehugo> ping eeiden fungi gagehugo lhinds nickthetait browne redrobot
15:02:17 <redrobot> o/
15:02:25 <gagehugo> #link https://etherpad.openstack.org/p/security-agenda
15:03:00 <gagehugo> redrobot o/
15:03:17 <redrobot> gagehugo, 👋
15:03:39 <fungi> yup, also in tc office hour as usual
15:04:55 <gagehugo> probably will be a shorter meeting
15:05:07 <gagehugo> #topic OSSN/OSSA
15:05:16 <gagehugo> fungi any updates?
15:05:31 <fungi> let's see...
15:06:25 <fungi> #link https://launchpad.net/bugs/1784259 Neutron RBAC not working for multiple extensions
15:06:25 <openstack> Launchpad bug 1784259 in OpenStack Security Advisory "Neutron RBAC not working for multiple extensions" [Undecided,Incomplete]
15:06:45 <fungi> that's been switched to public as of saturday
15:07:28 <fungi> the corresponding fixes are still under review
15:07:58 <gagehugo> hmm
15:08:00 <fungi> and no confirmed status from the vmt that it's a vulnerability in need of an ossa (which will depend somewhat on how the fixes for it shake out)
15:08:37 <fungi> if anyone has opinions on this issue or wants to help out, you're very welcome to do so
15:09:08 <gagehugo> policy is always fun
15:10:06 <fungi> i don't think there are any other public developments worth mentioning since last week
15:10:50 <gagehugo> fungi: thanks!
15:11:01 <gagehugo> #topic Documentation
15:11:13 <gagehugo> I don't have any updates for this
15:12:09 <gagehugo> #topic Threat Analysis Documents
15:12:25 <gagehugo> there is a review for pycadf: https://review.openstack.org/#/c/529945/
15:12:41 <gagehugo> I think that is pretty close
15:12:59 <gagehugo> keystonemiddleware - https://review.openstack.org/#/c/526476/
15:13:02 <gagehugo> also pretty close
15:13:46 <gagehugo> fungi not sure about your availability, but when lhinds gets back I was wondering if we could schedule time to review the pycadf one
15:13:57 <gagehugo> it's pretty simple imo
15:14:16 <fungi> sure can try. no promises, but yes sounds good
15:14:56 <gagehugo> keystonemiddleware will likely take more involvement
15:15:11 <gagehugo> that's all I got for that though
15:15:17 <gagehugo> #topic PTG
15:15:32 <gagehugo> I created an etherpad for the security sig
15:15:39 <gagehugo> #link https://etherpad.openstack.org/p/security-stein-ptg
15:16:12 <fungi> as always, i'll be at the ptg. if you're getting into a topic you want me to weigh in on definitely give me a heads up in #openstack-ptg or something so i can switch rooms/hats
15:16:21 <gagehugo> I will reach out to Ade about how barbican is wanting to schedule their agenda, and see where we can figure in our topics
15:16:59 <gagehugo> fungi: sounds good
15:17:09 <gagehugo> we share a room on Mon/Tue
15:17:32 <gagehugo> I think the keystone cross-project is scheduled for monday so that will probably take a good portion of my day
15:17:46 <gagehugo> #topic General Discussion
15:18:02 <fungi> #link https://review.openstack.org/586896 Remove Security project team
15:18:05 <fungi> that merged on monday
15:18:10 <fungi> the security team is dead, long live the security sig
15:18:28 <gagehugo> heh
15:19:00 <gagehugo> I was going to suggest canceling next week's meeting (unless anyone want's to chair)
15:19:10 <gagehugo> I will be out, and I believe lhinds is out as well
15:19:46 <fungi> fine with me. i'd be a poor chair since i'm already splitting my time during this slot
15:20:56 <gagehugo> I will mark it as canceled then for next week (and send out an email to the ML)
15:21:11 <gagehugo> otherwise this room is available at this time next week if anyone wants to use it
15:21:23 <gagehugo> that's all I got
15:21:44 <gagehugo> redrobot do you have anything?
15:21:59 <redrobot> gagehugo, negative, just lurking
15:22:17 <gagehugo> ok
15:22:24 <gagehugo> thanks for coming everyone, have a good weekend!
15:22:28 <gagehugo> #endmeeting